For SMB’s to Enterprises & Governments, cybersecurity is critical. In fact, in 2020, more than 60 percent of businesses experienced a cyber attack. Due to COVID-19, As mobile work forces have nearly doubled since the pandemic to keep employees and customers safer at home, according to a recent Gallop poll on remote work trends, so have the number of cyber-attacks. Employees were quickly tossed into a world of remote work while using tools such as Microsoft 365 and other cloud-based software and apps. The urgency to adapt left many companies unprepared without proper cyber security protection. What’s worse, cyber criminals took advantage of a golden opportunity to do what they do best: prey on new and unsuspecting targets and cash in.
It Only Takes One Device to Gain Access to Your Company’s Network
What businesses may not realize is that mobile security may be their weakest link. A cyber criminal only needs to break into one unprotected mobile device (mobile phone, laptop, or tablet) in a company to gain access to the entire network. Intrusions like this can be crippling to an SMB, costing the company revenue, disrupting its operations, endangering its critically important data assets, and ruining customer relationships. In fact, the impact can be so devastating that when a small business is impacted, approximately 60% are unable to recover and go out of business within 6 months of a cyber-attack.
The increase in employee mobility has revolutionized the way we do business, but it has also created new security risks. On average, mobile users spend approximately 80% of their time outside of the protected corporate network, as they access the web from locations other than the office or company locations, according to Zimperium.
With this increased mobility, far too many devices are unprotected against increasingly sophisticated hacker techniques – especially when mobile device security patches and upgrades from company IT departments aren’t being installed.
But there are defensive moves that can help prevent cyber-attacks on Enterprises. One of those strategies is to adopt a multi-layered cybersecurity solution to outwit the hackers. We’ll address that later, but first, let’s look at why hackers focus on mobile devices.
Top Five Reasons Hackers Target Mobile Devices
Since the pandemic began, phishing attacks have increased 6x with approximately 90% of all breaches starting with a phishing attack where a scam artist uses official looking fake emails, to trick an individual into giving away information (passwords, bank details, etc.) With so many emails being read via a mobile device these days, it’s a target-rich environment to steal credentials and passwords. And the fact that mobile users are dealing with a smaller screen, are often distracted due to multitasking, and can’t see a URL bar that might alert them to something suspicious makes them more vulnerable than they would be at the office on a laptop.
If the hacker has access to your device, they also have access to your contacts and your calendar and can figure out just the right time to turn on the recording function. It won’t be during your dentist visit; it will be when you’re meeting with a client or a potential client. If that hacker has targeted you individually because of your position in your company, what they learn in their spying could be incredibly valuable to a competitor or even a foreign government.
A hacker can also take advantage of the guest network in a target company’s lobby. Once they log onto the network, they can see if there are more people connected than are actually waiting in the lobby at that time. This is a good indicator that employees may be using the guest network to go outside the company firewall and access apps and sites that the corporate network is blocking. The hacker can then easily trick a user into downloading what appears to be a game, take control of their device, and set up super-admin privileges for themselves that open up the entire network for malicious use.
The hackers behind Wanna Cry specifically targeted Android devices. They accessed a Wi-Fi network, scanned all the connected Android devices, and determined which ones were susceptible to their ransomware. They infected one phone and then–when the user got back to the corporate office and logged onto the company network–they were able to lock up entire companies and demand ransom payments.
Protecting Your Business and Users from Bad Actors
Thanks to the pandemic and the growth in mobile workers, Enterprise cyber security has never been more important. To protect your business from a potentially catastrophic cyber-attack, you need to enforce a zero-trust mentality to guard against potential threats. That means taking a proactive approach to threat management–and how you monitor the people, systems, or services accessing your network.
There are many ways for hackers to gain access to your network for any one of the five reasons we mentioned above. Each avenue requires a specific cyber security solution to ensure your data is protected.
We help Enterprises in protecting these attacks on new Endpoints and the Mobile Apps being used by your customers:
Every device that accesses your network poses a risk to your business. If you start with these options in mind as the framework for what you need to protect your business from the growing number of cyber-attacks that are coming your way, you’ll be on the right track.
For more information about how Cyber Armor can help your business detect, prevent, and remediate cyber-attacks, reach out to us on firstname.lastname@example.org .